This privacy policy is issued on behalf of ConsumerMetrics Inc. (d/b/a CMI), so when we mention “CMI” “we,” “us,” or “our” in this privacy policy, we are referring to the company ConsumerMetrics Inc.
We’ve developed this Privacy Policy from industry guidelines and standards, and local, national, and international laws and requirements. We routinely review our privacy and security practices and continually enhance them to protect your privacy.
At CMI we respect the privacy of the individuals who visit our website and participate in our research projects. This Privacy Policy outlines the information we collect, how we collect it, and how we will use that information.
Data Processor
CMI additionally conducts data processing activities on behalf of its clients who will normally be the data controller for such activities. Where CMI is a data processor, we may only process personal data in accordance with the controller’s documented instructions as set out in a data processing agreement or contractual arrangement.
We respect your privacy and are committed to protecting your personal data. By ‘your personal data’ we mean any information about you, that you or third parties provide to us. This privacy notice will inform you as to how we look after your personal data and tell you about your privacy rights and how the law protects you.
We keep our privacy notice under regular review.
Privacy Notice Sections
- IMPORTANT INFORMATION AND WHO WE ARE
- THE DATA WE COLLECT
- TRACKING TECHNOLOGIES WE USE
- CLIENT INFORMATION CONFIDENTIALITY
- HOW WE USE YOUR INFORMATION
- PROCESSING YOUR DATA
- DISCLOSURES AND TRANSFERS OF YOUR DATA
- ACCESS, CORRECT, OR LIMIT THE USE AND DISCLOSURE OF PERSONAL DATA
- POLICY CHANGES
1. THE PURPOSE OF OUR PRIVACY POLICY
At CMI, we respect the privacy of the individuals who visit our website and participate in our research projects.
This privacy notice informs you how we collect and process your personal data through your use of this website, including any personal data you may provide through this website. For example, in signing up to receive our newsletters, updates, marketing communications, or when you download whitepapers, take part in surveys, participate in qualitative research, or apply for a job.
It is important that you read this privacy notice together with any other privacy notice or fair processing notice we may provide on specific occasions when we are collecting or processing personal data about you so that you are fully aware of how and why we are using your data. This privacy notice supplements the other notices and is not intended to override them.
To exercise your privacy rights or make inquiries about your personal data, please email dataprivacy@cmiresearch.com
2. The Data We Collect
If you choose to subscribe to one of our blogs or to receive access to some of our thought-leadership materials, you will be asked to provide us with some personal data, including your name and e-mail address. We will use this data to provide you with the subscriptions and materials you request. Where permissible and/or with your permission, we may also use this data to provide you with details about our products and services that may be of interest to you.
If you have been directed here from a disclosure form because you are participating in a market research study, we will collect and process your personal data as explained in the disclosure. Additional details about transfers of your data and how to exercise your data rights are available below. We may also have surveys available through our Web site that you can voluntarily participate in. We may compile the results of these surveys or market research studies to create reports available through our Web site or to provide to our clients or third parties. Data we collect from you through these surveys or studies will be aggregated so that the final reports will not include any data that can identify you. Please be aware that any data that you provide to us in survey or study responses will belong to us.
We will also collect your device’s IP address. This data is collected automatically when you access our Web site in order to provide the services to you. This information also helps us to diagnose problems with our server and to improve the services we offer to you.
We use technologies that collect data about the use of our Web site which do not identify you directly. We use this data to compile statistics about our visitors and the ways they use our Web site. For example, we log which pages users access and which Web browsers and operating systems they use. We may also determine which Web page you are coming from before visiting our Web site and whether you are accessing our site from a corporate network to more accurately gauge our users’ demographics.
We do not intentionally collect any sensitive personal data through our Web site. Sensitive personal data means the various categories of personal data identified by applicable data privacy laws as requiring special treatment. These categories can include data relating to ethnic origin or race, marital status, political opinions or affiliations, ideological views or activities, trade union membership, religious beliefs, physical or mental health, genetic or biometric information, sexual orientation, information on social security measures, or administrative or criminal proceedings or records. We therefore suggest that you do not provide sensitive personal data of this type to us through our Web site.
3. TRACKING TECHNOLOGIES WE USE
We use cookies to personalize your experience while navigating our site. Please request our Cookie Policy at dataprivacy@cmiresearch.com to understand how these cookies operate and for more information about your choices to opt in or out.
We may also use Web beacons in the marketing e-mails we send as well as pixel tags on our Web pages. These non-intrusive tags help us know when you view our e-mails, what your IP address is, and which pages you view on our site. We use this data to understand what kinds of content are of interest to you so that we can conduct internal analysis of this information and improve our services. You may be able to disable such tracking by setting your e-mail client to display messages as text only or by turning off image display. We may also collect your IP address for advertising-related purposes. Additional information about how to adjust your browser settings to limit or block tracking technologies is available by emailing dataprivacy@cmiresearch.com
4. CLIENT INFORMATION CONFIDENTIALITY
Consistent with our client obligations, it has always been our policy to exercise the utmost discretion regarding the information our clients entrust to us. We accept and process confidential client information, including data we collect in the course of providing services to our clients, such as for market research purposes, subject to our client’s direction and control, and we maintain reasonable and appropriate security precautions. Because we operate globally, our systems may make data related to your matters accessible from our various offices around the world, and we often transfer client data between our offices. This data is transferred in accordance with the requirements of our intergroup data transfer agreement based on the Standard Contractual Clauses defined in Regulation (EU) 2016/679.
We never rent, trade, sell, or share your information with any unrelated parties except as necessary or appropriate to conduct our business activities, subject to appropriate confidentiality, privacy, and information security commitments provided by the receiving party; or to further your interests; or as permitted or required by law; or as authorized or directed by you.
5. HOW WE USE YOUR INFORMATION
We may use your data to notify you about our products or services or keep you updated on issues that we think are of interest to you, where permissible or if you have opted in to receiving such notifications.
We will send you information and materials you request.
We may use your data for market research purposes.
If we are processing your data on behalf of a third party (such as our client), we will follow the processing instructions that the third party provided us with and are in accordance with applicable laws or regulations.
We will use your data to administer and improve our Web site and to better understand our site users.
We may use your data to carry out contracts or comply with applicable laws or regulations.
6. PROCESSING YOUR DATA
We process your personal data in order to operate, maintain, and provide you with our services. CMI’s legal basis for processing your personal data will typically be one of the following:
- It is necessary to fulfill a contract that we have in place with you;
- The processing is necessary for our legitimate interests, to ensure that our services are properly provided, and to promote our services;
- We have your consent to use your personal data; or
- The processing is necessary to comply with our legal obligations.
7. DISCLOSURES AND TRANSFERS OF YOUR DATA
We do not rent, sell, share, or otherwise distribute your personal data to third parties outside of CMI except as required by law and in these circumstances:
- Your personal data may be shared with contractors, service providers, and other third parties we use to support our business and who are bound by contractual obligations to keep personal data confidential and use it only for the purposes for which we disclose it to them, per the purpose and/or with your consent as set out in this Privacy Policy.
- Your personal data may be shared with our clients on whose behalf we are processing your data per their instructions.
- We may share, transfer, or disclose the information in our databases and server logs in the event of our sale, merger, reorganization, dissolution, or similar event, as well as to comply with a contractual obligation with our clients, protect your vital interests, and/or protect the security or integrity of our databases or services. We will inform you of any such transfer or disclosure as required by law.
- We may be required to disclose your personal data in response to lawful requests by public authorities, including to meet national security or law enforcement requirements. Governmental and regulatory bodies must follow the applicable legal process to obtain valid and binding orders. All requests must be specific and reviewed by the CMI Legal team to ensure that the requests are valid. CMI does not provide any government with direct and unfettered access to your personal data, and we do not provide any government with our encryption keys.
International Data Transfers
CMI conducts business globally and therefore your data may be transferred worldwide. We are headquartered in the United States, and your data will be stored and processed according to U.S. privacy standards in alignment with the OECD Privacy Guidelines. Data is transferred in accordance with the requirements of our intergroup data transfer agreement based on the Standard Contractual Clauses defined in Regulation (EU) 2016/679 and which also satisfies the requirements for cross-border data transfers from Japan under Act No. 57 of 2003, as amended. We adhere to the essential data protection principles of lawfulness, fairness, and transparency; purpose limitation; data minimization; accuracy; storage limitation; integrity and confidentiality; and accountability.
Whenever we do transfer your personal data to another jurisdiction, we will take appropriate steps to protect such, which includes the following:
- Entering into an agreement with the third party which includes clauses that offer adequate protection for your information and these will offer no less protection than are provided by those determined by the EU commission, a template copy of which is available at: https://commission.europa.eu/law/law-topic/data-protection_en
- Otherwise ensuring that information would only be transferred to third parties in jurisdictions that have at least the same data privacy protection for personal data as the jurisdiction from which the personal data originates from. For example, in the case that the personal data originates from the EEA or UK and is transferred to a third country that has been deemed to offer adequate protection by the EU Commission or UK ICO for the processing of your personal data.
8. ACCESS, CORRECT, OR LIMIT THE USE AND DISCLOSURE OF PERSONAL DATA
CMI encourages you to learn about your rights and choices of your personal data usage. You may find a detailed breakdown of all such information here: https://cmiresearch.com/cmi-data-disclosure
Here you will learn how to request access, correct, delete, limit, or object to the use and disclosure of the personal data we hold about you. You may also reach out to us directly at dataprivacy@cmiresearch.com
Please note, we will respond to your request in accordance with applicable law.
We cannot respond to your request or provide you with personal information if we cannot verify your identity or authority to make the request and confirm the personal information relates to you. We will only use personal information provided in a verifiable consumer request to verify the requestor’s identity or authority to make the request and to review and comply with the request.
How we Retain your Personal Data
We take steps to ensure that the personal data that you provide is retained for only as long as it is necessary for the purpose for which it was collected and as required by applicable law. After this period, it will be deleted, or in some cases, deidentified.
Opting out
If you no longer wish to receive information you subscribed to or other information that you have previously opted in to receive, you may opt out by clicking the unsubscribe link in any automated e-mail you receive from us or by e-mailing us at dataprivacy@cmiresearch.com
Security
We provide reasonable and appropriate physical, technical, and organizational safeguards intended to maintain the confidentiality, integrity, and availability of the personal data we collect. Please be aware that, although we endeavor to provide reasonable security for data we process and maintain, no security system can prevent all potential security breaches.
Governing Law
This Privacy Policy is governed by the laws of the State of Georgia.
Changes
We may change this Privacy Policy at any time. Any updates to this Privacy Policy will be posted here. The date at the top indicates the date of the last update.
Links
When you leave our Web site via links to other sites or services that we do not provide, this Privacy Policy no longer applies to those sites or services.
Children
We do not knowingly solicit data from or market to children under the age of 13. If a parent or guardian becomes aware that his or her child has provided us with information without his or her consent, he or she should contact us at dataprivacy@cmiresearch.com. We will delete such information from our files.
9. POLICY CHANGES
We, at CMI, routinely review our Privacy Policy. As such, CMI reserves the right to amend this privacy notice at our discretion and at any time. When we make changes to this privacy notice, we will post the updated notice on the Web site and update the notice’s date. Your continued use of our Web site following the posting of changes constitutes your acceptance of such changes.